The Channel logo


By | John Leyden 19th November 2014 12:16

London police chief: City bankers, prepare for a terrorist cyber attack. Again

Fingers ISIS as likely attacker

+Comment Western financial institutions should prepare themselves for cyber attacks from Islamic militants, the head of the City of London police warns.

Commissioner Adrian Leppard urged preparations ought to be put at hand during a security conference in New York. According to the FT, he singled Islamic State of Iraq and the Levant (aka Isis) as a potential attacker.

"There could be a very serious impact to the financial institutions of the world through a cyber attack and I think it's a very strong likelihood that it will happen one day in the future, which is why we've got to push back and take action now before it happens," Commissioner Leppard told the (Financial Times - registration required).

The City of London force and New York District Attorney's Office will be stationing permanent staff in each other's offices to build greater co-operation between police and prosecutors that cover the Square Mile and Wall Street. The exchange programme is designed to ward off attacks, Reuters adds.

Commissioner Leppard previously described Tor as 90 per cent of the internet during an IP Enforcement Summit back in June.


In your correspondent's view, it is likely that this latest warning is built on insubstantial foundations that paint a misleading view of the threat landscape (cue scary headlines about Cyber Terror). The warning also overlooks the fact that through exercises such as Waking Shark City financial institutions are already collectively testing their incident response and disaster recovery.

Warnings about a Cyber Pearl Harbour have been going on for 15 years or more. Commissioner Leppard's warning offers a jihadist twist, fuelled by real world concerns about ISIS/IS.

But IS is largely using the internet for propaganda and recruitment and the Islamist cyber-threat is best categorised as the possibility of DDoS or website defacement by hacktivist types.

Islamic hacktivists claimed responsibility for a series of distributed denial-of-service attacks that hit US financial organisations in two waves during September 2012 and early 2013. The Izz ad-Din al-Qassam Cyber Fighters were linked to DDoS attacks against US Bancorp, Citigroup, Wells Fargo and Bank of America, among others.

The group said the offensive was motivated by the continued availability of the inflammatory Innocence of Muslims video on YouTube.

Unnamed US government officials claimed Iran was orchestrating the attacks as a reprisal for Stuxnet. Security experts cast scorn on the notion that the DDoS attacks had to be nation-state sponsored because a server-based botnet involving compromised WordPress sites had been harnessed in the attack. ®

comment icon Read 35 comments on this article or post a comment alert Send corrections


Frank Jennings

What do you do? Use manual typwriters or live in a Scottish croft? Our man advises
A rusty petrol pump at an abandoned gas station. Pic by Silvia B. Jakiello via shutterstock

Trevor Pott

Among other things, Active Directory needs an overhaul
Baby looks taken aback/shocked/affronted. Photo by Shutterstock

Kat Hall

Plans for 2 million FTTP connections in next four years 'not enough'
Microsoft CEO Satya Nadella


League of gentlemen poster - Tubbs and Edward at the local shop. Copyright BBC
One reselling man tells his tale of woe